Akamai launched App & API Protector, the company’s next-generation web application and API protection (WAAP) solution. It provides a holistic set of protections built for today’s modern applications and APIs with intelligent automation and simplicity.
Last month, Akamai released its latest State of the Internet / Security report, ‘API: The Attack Surface That Connects Us All,’ which highlighted the challenges organizations face in the evolving threat landscape, especially given that Gartner reported APIs will be the most frequent online attack vector by 2022. In fact, by design, API calls are easier and faster to automate than other software endpoints, making them an increasingly appealing target for cybercriminals.
With App & API Protector, Akamai customers have a single, integrated WAAP solution that is designed to deliver the strongest security outcomes, without compromising simplicity and ease of use. Key benefits include:
Automatic API discovery and security — Mitigate API-related risks and vulnerabilities with continuous discovery of known, unknown, and evolving APIs. API requests are automatically discovered and inspected for malicious code; and optional API security controls can be enforced at the edge to activate positive API security models. Gartner’s 2021 Critical Capabilities report gave Akamai the top spot for the use case on API programmability and security.
Adaptive and more accurate detections — Detect up to two times more attacks compared to traditional rulesets. Adaptive, threat-based detection employs a multidimensional threat scoring model that combines Akamai’s platform intelligence with data/metadata from each web and API request. This data is actioned with decision-making logic that accurately identifies and stops stealthy attacks with surgical-grade precision.
Continuous self-tuning — Akamai’s Adaptive Security Engine not only keeps pace with rapidly evolving threats but reduces false positives by up to five times to alleviate the effort required to maintain and tune policies. Security triggers, whether true attacks or those misidentified as attacks, are automatically and continuously analyzed with machine learning to deliver highly accurate policy-by-policy tuning recommendations with a 1-click implementation.
Built-in bot mitigation — Automatically detect and mitigate unwanted bots with built-in bot visibility and mitigation capabilities. Akamai’s bot technology features an expansive directory of 1,500+ known bots and provides customers with the ability to create and define bots to proactively monitor analytics and prevent attacks. For more persistent, adversarial bot operators, Akamai offers its category-leading Bot Manager solution to mitigate that threat.
Automatic updates — Enable a “hands off” approach to WAAP with adaptive protections fully managed by Akamai. Our security researchers use machine learning and data mining techniques to continuously analyze over 303TB of daily attack data and automatically update protections against the latest threats. Customers can also opt for manual/evaluation mode of operation to minimize any unexpected impact of new updates.
DevOps integration made simple — Easily integrate WAAP capabilities using the Akamai CLI, Terraform, or scripts in the CI/CD automation pipeline. Enable rapid onboarding of applications, ensure uniform security policy management across large application and API portfolios, and centralize security enforcement across hybrid and multi-cloud infrastructures.
“As the online threat landscape continues to evolve, the need for a holistic, adaptive approach to web application and API security is clear. With the introduction of our new App & API Protector, Akamai customers now have a single, holistic solution that makes sophisticated protection extremely simple,” said Amol Mathur, Vice President of Product Management, Akamai. “This builds on Akamai’s proven security technologies, introducing new levels of sophisticated, automated intelligence to keep our customers a step ahead of the cybercriminals.”
In September, Akamai was named a Leader in the Gartner Magic Quadrant for Web Application and API Protection report and placed highest in the Ability to Execute among the companies evaluated for their ability to protect web applications and APIs. In addition, Akamai also received the highest scores for three of the four Use Cases in the 2021 Gartner Critical Capabilities for Cloud Web Application and API Protection report, including the API Security Use Case.